Originally published on: November 28, 2024
North Korean hackers with alleged ties to the government have escalated their social engineering tactics to target large multinational information technology firms. According to researchers at the Cyberwarcon cybersecurity conference, two hacker groups known as “Sapphire Sleet” and “Ruby Sleet” have been identified in these malicious activities.
Sapphire Sleet reportedly used fraudulent employment schemes to trick unsuspecting individuals into interviews or job offers by posing as legitimate recruiters. During the process, the hackers would infect victims’ computers with malware disguised as PDF files or malicious links.
On the other hand, Ruby Sleet focused on infiltrating aerospace and defense contractors in the US, UK, and South Korea to steal military secrets. The report highlighted that North Korean hackers were utilizing AI, social media, and voice-changing technologies to create fake identities and carry out recruitment scams within these companies.
This alarming trend of cybercrime has been ongoing for some time, with North Korean hackers previously targeting cryptocurrency firms using similar tactics. In recent months, the FBI issued warnings about malware disguised as employment offers being used to steal private keys from crypto companies and decentralized finance projects.
The Cosmos ecosystem also faced security concerns over its Liquid Staking Module, allegedly built by North Korean developers. This has led to multiple security audits to ensure the safety of users within the ecosystem.
Stay informed about the latest developments in cybersecurity and cryptocurrency by subscribing to our newsletter. Don’t miss out on exclusive insights and analysis to help you navigate the evolving financial landscape with confidence.